These forums are now read-only. Please visit our new forums to participate in discussion. A new account will be required to post in the new forums. For more info on the switch, see this post. Thank you!

If I choose to sync with a WebDav server over http, is the data encrypted in such a manner that an attacker monitoring network packets won't see my sensitive information? How about the information as it is stored on the server? Is that encrypted?

I'm planning on using both the Mac and iPhone clients to sync with a WebDav server.

I would clarify this to say that it may not be encrypted on disk. Swissdisk, for example, does also encrypt the data on disk.

Fair enough, but the data is decrypted after it emerges from the networking stack, before it gets written to the disk. If you aren't willing to trust the provider to keep prying eyes away from their disks, are you willing to trust that they can keep them away completely? It will discourage the casual snooper, but I wouldn't rely on it to stop a determined attack if your data is worth stealing.

Fair enough, but the data is decrypted after it emerges from the networking stack, before it gets written to the disk. If you aren't willing to trust the provider to keep prying eyes away from their disks, are you willing to trust that they can keep them away completely? It will discourage the casual snooper, but I wouldn't rely on it to stop a determined attack if your data is worth stealing.

Agreed. Most security standards require transport encryption and encryption at rest, but data is not usually encrypted on the entire path between those two states. Most data compromises happen due to unauthorized access to data at rest.

Given a determined enough attacker, no data is secure, so I'm satisfied with keeping the bottom 95% away ;)

Quote:

It will not be encrypted as stored on the disk on the server in either case.

To the original point, Swiss Disk does encrypt the data stored on disk.